Fix device manager to scan resources.Requests #57278
Conversation
k8s-ci-robot
added
release-note-none
k8s-ci-robot
added
size/S
k8s-ci-robot
requested review from
rohitagarwal003,
ConnorDoyle,
vishh and
jiayingz
|
@vikaschoudhary16: GitHub didn't allow me to request PR reviews from the following users: tengqm, RenaudWasTaken. Note that only kubernetes members can review this PR, and authors cannot review their own PRs. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
@vikaschoudhary16 the issue @ConnorDoyle opened was about the fact that we don't scan Requests but we still have to scan Limits too :) |
|
@RenaudWasTaken regarding
Per the docs, requests default to limits if those are explicitly defined. For example, the scheduler only inspects requests but it is able to properly place pods that only specify limit. So, it appears that requests are guaranteed to be a subset of limits. You can verify the behavior like this: Then fetch the same pod resource from the API server with kubectl: {
"limits": {
"cpu": "100m",
"example.com/foo": "1"
},
"requests": {
"cpu": "50m",
"example.com/foo": "1"
}
}In summary, I think it is safe to only inspect requests here and ignore limits. We will see any ER limit reflected in requests, and we are further guaranteed that ER limit is either undefined or equal to request. |
|
Thanks for posting a PR for this so quickly! |
| @@ -550,7 +550,7 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont | |||
| podUID := string(pod.UID) | |||
| contName := container.Name | |||
| allocatedDevicesUpdated := false | |||
| for k, v := range container.Resources.Limits { | |||
| for k, v := range container.Resources.Requests { | |||
There was a problem hiding this comment.
@vikaschoudhary16 it's might not be obvious why we can safely ignore Limits. Could we add a comment near here explaining the rationale?
|
@ConnorDoyle agreed but isn't the behavior undefined if someone sets requests and limits ? Should this error out ? |
|
You can set both request and limit for extended resources, but they fail validation if they are not equal. |
|
/assign |
|
/approve |
k8s-ci-robot
added
the
approved
vikaschoudhary16
force-pushed
the
limit
branch
from
13a02dd
to
fc0c937
Compare
|
@ConnorDoyle Done. PTAL! |
k8s-github-robot
added
the
needs-rebase
| @@ -550,7 +550,10 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont | |||
| podUID := string(pod.UID) | |||
| contName := container.Name | |||
| allocatedDevicesUpdated := false | |||
| for k, v := range container.Resources.Limits { | |||
| // NOTE: Skipping the Resources.Lists is safe here because: | |||
| for k, v := range container.Resources.Limits { | ||
| // NOTE: Skipping the Resources.Lists is safe here because: | ||
| // 1. If container Spec mentions Limits only, implicitly Requests, equal to Limits, get added to Spec. | ||
| // 2. If container Spec mentions Limits, which are greater than or less than Requests, will fail at validation. |
There was a problem hiding this comment.
Sorry, I can't recall we have validation to verify 2) , limits can be greater than requests by design in scheduler ... or I misunderstood the comment here?
| @@ -550,7 +550,10 @@ func (m *ManagerImpl) allocateContainerResources(pod *v1.Pod, container *v1.Cont | |||
| podUID := string(pod.UID) | |||
| contName := container.Name | |||
| allocatedDevicesUpdated := false | |||
| for k, v := range container.Resources.Limits { | |||
| // NOTE: Skipping the Resources.Lists is safe here because: | |||
| // 1. If container Spec mentions Limits only, implicitly Requests, equal to Limits, get added to Spec. | |||
There was a problem hiding this comment.
The commas around equal to Limits confused me a little bit.
vikaschoudhary16
force-pushed
the
limit
branch
from
fc0c937
to
02f7d97
Compare
vikaschoudhary16
force-pushed
the
limit
branch
from
02f7d97
to
bf1fb46
Compare
k8s-github-robot
removed
the
needs-rebase
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: ConnorDoyle, vikaschoudhary16 Associated issue: #57276 The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these OWNERS Files:
You can indicate your approval by writing |
|
/test all [submit-queue is verifying that this PR is safe to merge] |
|
Automatic merge from submit-queue. If you want to cherry-pick this change to another branch, please follow the instructions here. |
|
@vikaschoudhary16 we may consider to cherry-pick this PR to 1.9.1. |
| for k, v := range container.Resources.Limits { | ||
| // NOTE: Skipping the Resources.Limits is safe here because: | ||
| // 1. If container Spec mentions Limits only, implicitly Requests, equal to Limits, will get added to the Spec. | ||
| // 2. If container Spec mentions Limits, which are greater than or less than Requests, will fail at validation. |
There was a problem hiding this comment.
What if limits are not set? I think this change should validate if requests==limits prior to using requests.
There was a problem hiding this comment.
@vishh if requests != limits for ERs, it will fail here on validation step:
https://github.com/kubernetes/kubernetes/blob/master/pkg/apis/core/validation/validation.go#L4380
And if limits are not set, then it should not be a problem because now with this change, requests are being scanned.
Or i missed your question?
There was a problem hiding this comment.
@vishh Yeah, I raised the same question before, while found that it is actually ensured by validation indeed.
That's why I suggested to update this comment to make it more clear. 😆
|
I'd appreciate if API behavioral changes are soaked for a bit before being merged. |
|
This will be reverted, per discussion here: #57170 (comment) |
Automatic merge from submit-queue (batch tested with PRs 57591, 57369). If you want to cherry-pick this change to another branch, please follow the instructions <a href="https://github.com/kubernetes/community/blob/master/contributors/devel/cherry-picks.md">here</a>. Revert back #57278 **What this PR does / why we need it**: This PR reverts back to behavior of scanning Limits. **Which issue(s) this PR fixes** *(optional, in `fixes #<issue number>(, fixes #<issue_number>, ...)` format, will close the issue(s) when PR gets merged)*: Related # #57276 #57170 **Special notes for your reviewer**: **Release note**: ```release-note None ``` /sig node /cc @vishh @ConnorDoyle @jiayingz
What this PR does / why we need it:
This PR makes device manager to scan resources.Requests from the container spec. Currently
it scans resources.Limits. For extended resources, it is not mandatory for resources.Limits to be present in the container spec and if Limits are present, validation logic ensures that Limits will always be equal to Requests.
Fixes #57276
Special notes for your reviewer:
Release note:
/sig node
/cc @ConnorDoyle @vishh @jiayingz @RenaudWasTaken @tengqm @resouer @mindprince